Shot in the foot

The UK is trying to set up a national research database of medical records from the National Health Service. That’s a good idea. New Zealand has one, and many of the larger fragments of the US medical system have their own.  As well as helping improve the performance of the National Health Service, the UK database could be used for research that would help people around the world; for example, detecting adverse effects of drugs.

A UK drug safety system would be more informative than the NZ one, because it involves so many more people. It might even be more informative than the US systems because the NHS it is comprehensive, not selective. That’s only true if everyone’s data is in the system, and that will only be possible if most people trust the system to protect their privacy.  Since it’s not really possible for the average person to tell if the system is trustworthy, it needs to be designed and implemented well enough that there aren’t any reasonable people with serious criticisms for inevitable opponents of the scheme to point to.

Sadly, the promoters of the database have at best been a bit careless about some of their claims, as Ben Goldacre describes. Some descriptions of the system have implied that making the data anonymous — removing obvious identifiers — is a strong safeguard. It isn’t: re-identification is often possible. It isn’t clear whether this was an omission in describing the safeguards or in designing them, but it’s unfortunate either way.

Worse still, the Telegraph has a story claiming that 13 years of complete British hospital records were sold to insurers, who used them to improve risk estimates and increase premiums. This is a problem because one of the key guarantees of the system was going to be that data wouldn’t get to insurers. The data release was under the old rules, not from the new proposed database, but it still is Not Helpful if you’re trying to persuade people not to worry.